Russian Forensic Experts crack iOS 4 encryption
iOS 4 was designed to eliminate security flaws found in previous versions of Apple’s mobile operating system. The hardware-based encryption chip first released in the iPhone 3GS now takes full advantage of 256bit encryption to provide adequate security for handsets and backups stored on your computer. Russian forensic experts at ElcomSoft have developed an application which allows access to password protected backups for Apple and Blackberry smartphone backups. The application uses brute force to reveal the plain text password; which would allow user to access all data stored in the backup including contacts and call logs. Fortunately, for a user to successfully decrypt a backup, they must have access to the physical device and the backup file. Elcomsoft employee Vladimir Katlov explains:
“Decryption is not possible without having access to the actual device because we need to obtain the encryption keys that are stored in (or computed by) the device and are not dumped or stored during typical physical acquisition.”
For security conscious iPhone users, there are a couple ways to prevent your data from being decrypted by attackers. Storing your iPhone and laptop separately reduces the chances of an attacker gaining access to both devices. iTunes also gives you the option the encrypt the device backup (Found in the device summary tab).